What’s Splunk Doing With AI?

You know what question we’re hearing A LOT right now? “What is Splunk doing with AI?” Of course we are! Every executive at every company is working to understand and answer how their strategic vendors are delivering AI to provide better outcomes and experiences. Read on to see what Splunk is doing with AI.

What Exactly Is AI?

Before we talk about what Splunk is doing in AI, we need to define it. Like so many other massive tech trends such as “DevOps”, “Big Data”, “Cloud Computing” and “Digital Transformation”, Artificial Intelligence (AI) is a murky term which means different things to different people. So how should we define it?

In the broadest sense, AI is the ability for computer software to mimic human reasoning and behavior.

Others may try to pigeonhole AI into a smaller subset of technologies like neural networks or generative AI, but not Splunk. This broad definition allows you to leverage our layered set of capabilities to maximize the outcomes of data analysis.

We’ve Been a Leader in AI for a While Now!

The ChatGPT craze has inspired an “AI gold rush” where companies are now scrambling to build AI into their offerings, often prioritizing marketing and hype over meaningful functionality and outcomes. Splunk has embedded AI and ML capabilities into our platform as well as our security and observability applications. For developers, we also have the Splunk® Machine Learning Toolkit to make common machine learning operations available on data ingested into Splunk® Enterprise and Splunk® Cloud Platform. Our AI innovations can best be described in five broad categories.

Embedded Product Capabilities

Our security and observability products are packed with dozens of intelligent capabilities backed by machine learning algorithms and advanced statistical analysis, and data processing. These capabilities provide users “push button” AI without the need for extensive data science expertise. Below is just a taste of the push button AI we have baked into our products across Cybersecurity, IT Operations, and AppDev teams.

Embedded AI for Cyber Security

• Detect Anomalies in Security Data
• Risk Based Alerting
• DGA Detection

Embedded AI for IT Operations

• ML Assisted Adaptive Thresholding in ITSI
• Alert Storm Detection and Triage
• Find and Suggest Similar Incidents

Embedded AI for Applications

• Predictive Alerting for Resource Exhaustion
• Alert on Deviations from Historical Baselines

Customized AI and ML

Ready to roll up your sleeves and roll your own customized AI detections and analysis? We got you covered. The Splunk® Machine Learning Toolkit app (MLTK), which is a free Splunkbase app, simplifies ML for everyone. Through easy-to-use assistants, you can quickly train, and deploy the most common machine learning operations such as predicting the values of fields using other fields, detecting outliers in a dataset, forecasting future values based on historical values, or clustering related events.

What’s that you say? Machine learning isn’t the type of AI you’re interested in? No problem! For advanced data science use cases, Splunk offers the Splunk® Data Science and Deep Learning app (DSDL), which is also free. DSDL unlocks the power of training and inference of deep learning models on data ingested into your environment. Similar to MLTK, DSDL ships with a set of examples which demonstrate how to use various deep learning algorithms while providing data scientists access to industry standard tools and libraries such as Jupyter Notebook, PyTorch, Tensorflow and GPU compute.

Extensible AI libraries and APIs

With our “Open and Extensible” core AI philosophy, as Splunk continues to bring more AI into the platform, we will also allow customers and partners to extend our models or bring their own. A perfect example of this open and extensible philosophy at work is the new support of externally trained ONNX models within MLTK. These capabilities will allow data scientists to build and train models using the tools and techniques they are most comfortable with, while still allowing those models to be easily applied to your incredibly valuable machine data, driving improved digital resilience outcomes.

Generative AI Chatbots

Like other companies, Splunk is heavily investing in GenAI to finally bring long desired capabilities to the platform, which are only now feasible because of the recent breakthroughs in generative AI. The Splunk® AI Assistant is a generative AI-powered assistive app that makes SPL more accessible. The app accelerates your learning by generating SPL with a natural language prompt, and breaking SPL down into digestible parts. The app also increases users’ knowledge and proficiency by explaining Splunk® Enterprise products, terms, and functionality.

Guided Assistive Workflows

Our up and coming Security and Observability guided assistants will harness the power of GenAI to streamline and optimize data analysis processes for users. These applications act as intelligent assistants, guiding users through incident investigations and analysis, providing contextually relevant suggestions, and distilling large volumes of complex machine data into simple actionable insights. Stay tuned for upcoming announcements at Splunk .conf24 for the latest details about these new assistants.

Is Anyone Using This Stuff?

It’s one thing to say we do AI, but it’s another thing to show it! As they say, the proof is in the pudding. Turns out that a leading European luxury car manufacturer depends on Splunk to drive up quality in the production process by relying on the Splunk® Data Science and Deep Learning application to train a neural network model to predict and prevent possible errors using a myriad of quality assurance data collected into Splunk® Enterprise?

Did it work? You bet it did! Thanks to the model inference produced by the Splunk® Data Science and Deep Learning app, the dynamic and proactive test processes enables production teams to make smarter decisions in order to increase process efficiency.

I’m Sold! What's Next?

Looking for practical and tactical guidance on how to get started? Please check out our Security Use Cases Enhanced by AI and ML and Splunk Artificial Intelligence for Observability use case guides to get real world examples and recipes you can deploy in your environment.

When you’re ready to roll up your sleeves, and get hands-on practice configuring and deploying AI and ML models, we have several curated workshops walking you from zero to hero! Reach out to your local Splunk account team to inquire about these workshops and how you can progress your AI Journey!